Supabase best practices for sanitizing user-generated HTML in database?
I'm creating a site where the user uses a rich text editor that outputs HTML. The user then puts that in a database field every time they save it. I know I could sanitize it on the frontend, but that doesn't work if I want SEO.
Is there a way I could receive the incoming HTML on the client trying to .insert() it into the database, get a Supabase function to sanitize the HTML, then have the HTML go into the database? I know I could add another column, something like is-sanitized, but that creates some more UX headaches. Also, I know I can have a webhook, but that doesn't wait for a response (right?). If I go with that route, if there is an error with the webhook the unsanitized HTML would just stay in the database. Ideally it never goes in at all.